# Manish Sharma Lab - Trust and Transparency

Canonical page: https://manishsharma.dev/trust
Last reviewed: 2026-07-10

## Privacy

- The first-party site code sets and reads no cookies.
- The public application includes no usage analytics or behavioral-tracking integration.
- Interactive tool inputs are processed in current-page browser memory.
- The tools do not persist inputs in localStorage, sessionStorage, IndexedDB, an application backend, or a site-side database.
- Email drafts are manual. A draft is opened only when the user chooses that action, and nothing is sent unless the user sends it from their own email client.
- Hosting infrastructure and external destinations may process normal request metadata under their own policies.
- Browser-local processing is not a reason to enter secrets. Do not submit confidential customer data, unpublished employer information, credentials, personal data, or safety-critical records.

## Security posture

- The deployed application is statically generated.
- There are no site accounts, application login, application authentication service, server-side input endpoint, or input database.
- The source repository is public: https://github.com/manish-sharma-ai/manish-sharma-ai.github.io
- This narrow static architecture reduces application-side surface; it does not remove browser, extension, dependency, hosting, DNS, TLS, build-chain, or third-party risk.
- No penetration test, independent security audit, security certification, uninterrupted availability, or absence of vulnerabilities is claimed.
- Reporting policy: https://manishsharma.dev/trust#security
- Contact route: https://manishsharma.dev/contact
- Public repository issues are appropriate only for non-sensitive reproducible problems. Do not publish credentials, personal data, confidential material, or live exploit details.

## Accessibility intent

The site aims to support keyboard use, semantic landmarks, visible focus, clear labels, readable contrast, responsive reflow, text alternatives, and reduced-motion preferences.

This is an implementation intent, not a declaration of WCAG conformance, an accessibility certification, or an independent accessibility audit. Report an access barrier at https://manishsharma.dev/contact.

## Claim and source governance

- New factual claims require public source context; analysis or interpretation should be identified as such.
- Public proof metrics and profile facts are routed through shared data with source status, limitations, allowed surfaces, and review context.
- Material held for source review is not active public claim copy.
- Claim ledger: https://manishsharma.dev/claims
- Evidence base: https://manishsharma.dev/evidence
- No-hype boundary: https://manishsharma.dev/no-hype
- AI-agent usage rules: https://manishsharma.dev/for-ai-agents

## Decision boundaries

Preliminary decision-support only. Final feasibility depends on base material, geometry, service conditions, inspection requirements, and expert review.

Outputs are not valid for:

- engineering approval
- certification
- final release
- safety-critical acceptance
- quality guarantee

Brief completeness is a context-quality label, not feasibility. Evidence burden is a planning label, not approval. Monitoring and AI signals do not replace inspection, testing, acceptance criteria, or accountable expert review.

Exafuse owns commercial services, RFQs, production capability, delivery claims, company case studies, and company quality pages.

## Contact paths

- Route selector: https://manishsharma.dev/contact
- Professional and non-confidential discussion: LinkedIn through the route selector
- Public code and non-sensitive repository issues: GitHub through the route selector
- Industrial services, RFQs, production, delivery, and company claims: Exafuse through the route selector

## Related public files

- Security contact declaration: https://manishsharma.dev/.well-known/security.txt
- Human credits: https://manishsharma.dev/humans.txt
- RSS feed: https://manishsharma.dev/rss.xml
